E-mails

Version information: The functions send_mail and form_mail, and the class form_mailer were renamed to sendMail, formMail and formMailer in version 2.8 to comply with the naming convention of the framework. Since version 2.8 the function sendMail is a static function of class mailer. Since version 2.8 the function formMail is a static function of class mailer.

General introduction on sending mails

The framework offers the function Mailer::mail() to send mail. This function implements a series of security measures, for protection against various types of header-injection attacks.

The function "Mailer::mail" is a variant of the native PHP function "mail", that has been secured against misuse and "header-injection" attacks. Unlike "mail", all input data is checked and header information is checked and restricted.

It returns "true", when the mail was sent and "false" otherwise. However, the value "true" does not mean the mail successfully arrived at its destination. It just means that the input was syntactically correct.

The function adds to the header of the mail the additional entries "x-yana-php-header-protection" and "x-yana-php-spam-protection".

"x-yana-php-header-protection" has a value of 0 if the header data was inconspicuous, otherwise 1

"x-yana-php-spam-protection" has a value of 0 if the header did not include a bcc field, or 1 otherwise

If you receive an e-mail, which was sent through YANA, see the headers of the e-mail to check whether the framework discovered irregularities in the text of the message.

Note: before sending the e-mail, the function $mailer->send() checks all input data automatically for attempts to inject header data and cleans all input where necessary. However, it does no harm to also check the input in your own script before calling the function.